package top.xiaodaiyu.shiro.auth.config;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

/**
 * @author by  Administrator
 * 包名空间  top.xiaodaiyu.dell.control
 * 用途
 * Created by dtt on 2018/8/1
 * Email 532199946@qq.com
 **/
@RestController
public class LoginController {


    /**
     * 登陆
     *
     * @param username 用户名
     * @param password 密码
     */
    @RequestMapping(value = "/login", method = RequestMethod.POST)
    public String login(String username, String password) {
        String resultMap = "";
        // 从SecurityUtils里边创建一个 subject
        Subject subject = SecurityUtils.getSubject();
        // 在认证提交前准备 token（令牌）
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        // 执行认证登陆

        subject.login(token);
        //根据权限，指定返回数据
       // String role = userMapper.getRole(username);
        String role = "user";
        if ("user".equals(role)) {
            resultMap="欢迎登陆";
            return resultMap;
        }
        if ("admin".equals(role)) {
            resultMap="欢迎来到管理员页面";
            return resultMap;
        }
        resultMap="权限错误！";
        return resultMap;
    }

}
